|
|
| Author |
Message |
khrath
Guest
|
 Posted: 11/06/03 - 07:31 Post subject: Networking Question
|
|
|
Ok i've been racking my brain trying to get this to work now for like hours.
I have a dsl modem that has one ethernet port on it.
You can cable it to a single host that you plug straight into the modem from the nic...or you can plug the modem into a hub and it will automatically NAT every host you plug in to the hub also.
The modem logs itself into the isp, so there's no logging in involved...it's all done automatically the second you plug the phone line is.
My problem is this....the stupid thing runs NAT regardless. I can forward over every packet out there to specific hosts, but cant assign a real world ip to anything, because the d*****s modem assigns it to itself, then gives me an ethernet port i can plug in to, with an internal ip assigned to it.
I can't for the f*****g life of me get multiple computers to work, unless I put them all on a hub connected to the modem.....but that isnt what I want.
What I want, is to plug the modem straight into my bsd box, run nat on the bsd box, and have a hub plugged into a second nic on the bsd box, that connects to my local lan, which it would run nat for and allow it to connect to the net, like this....
[modem[A]-----[B]bsd box[C]-----[hub]-----[D]win box]
A 192.168.1.1
B 192.168.1.100
C 192.168.0.100
D 192.168.0.1
I know there HAS to be a way to get this working, but I can't for the f*****g life of me figure out how to run NAT for my lan, over a connection that is connected to the net with a NAT'd connection.
is is possible, or am i just f****d?
I know I may as well just run it behind the homosex modem, it has built in gay firewall shit, but that basically renders my bsd box useless, and i lose so much control over my network without having it as a gateway.
|
|
|
Back to top
|
|
|
|
 |
TASB
Sir Postalot
Joined: 12 Oct 2002
Posts: 1104
Location: The Outback
|
|
Posted: 11/06/03 - 08:20 Post subject:
|
|
|
Yeah you can do it. That's basicly how I have my network set up. However I have.
[Cable] - [astaro] - [hub] - [LAN]
You interface connecting to the internet should be acepting DHCP from the modem. You then have your firewall rules in the BSD box performing NAT to that interface.
|
|
|
Back to top
|
|
|
|
|
kemble
RealPoor Sensei
Joined: 14 Oct 2002
Posts: 1909
Location: MI
|
|
Posted: 11/06/03 - 08:21 Post subject:
|
|
|
Couple things. What is the make and model of your DSL modem? Some have options to turn NAT off via a browser interface. Some disable NAT if they are booted with no ethernet cable attached but it is all manufacturer specific. You also could look into the possibility of purchasing a non h**o-ized DSL modem.
Assuming you can't disable NAT... There are solutions to your problem, but before getting into that.. does the fact that there is a firewall imbedded in the dsl modem make the venture pointless? Because there is no way around that short of replacing the hardware or disabling it via an admin interface.
|
|
|
Back to top
|
|
|
|
|
khrath
Guest
|
|
Posted: 11/06/03 - 08:23 Post subject:
|
|
|
kemble, i do way more than firewall with my bsd box.
i'm going to try putting the two interfaces on seperate subnets, i read a few places that it wont work if the first 6 digits in the ip are the same.....i'll let ya know how it works =p
|
|
|
Back to top
|
|
|
|
|
Janoth
RealPoor Guru
Joined: 17 Nov 2002
Posts: 3135
|
|
Posted: 11/06/03 - 08:29 Post subject:
|
|
|
WWWWWWWWWWWWWOOOOOOOOOOOOOOOOOOOSSSSSSSSSSSSSSSSSSSSSSSSSSSSHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH
That was the sound of this post going completly over my head.
|
|
|
Back to top
|
|
|
|
|
TASB
Sir Postalot
Joined: 12 Oct 2002
Posts: 1104
Location: The Outback
|
|
Posted: 11/06/03 - 08:57 Post subject:
|
|
|
|
Well, you can't have both segments on the same subnet. It shouldn't have anything to do with the first 6 digits but rather the network address.
|
|
|
Back to top
|
|
|
|
|
khrath
Guest
|
|
Posted: 11/06/03 - 09:07 Post subject:
|
|
|
|
they weren't, but anything is worth a try =p
|
|
|
Back to top
|
|
|
|
|
TASB
Sir Postalot
Joined: 12 Oct 2002
Posts: 1104
Location: The Outback
|
|
Posted: 11/06/03 - 09:25 Post subject:
|
|
|
|
For the moment forget about the LAN, just get the BSD box connected so you can ping google or some shit. Once that's working getting the rest to go shouldn't be a problem.
|
|
|
Back to top
|
|
|
|
|
sinrakin
RealPoor Master of Posts
Joined: 11 Oct 2002
Posts: 7044
|
|
Posted: 11/06/03 - 10:14 Post subject:
|
|
|
|
There's no reason you can't do two levels of NAT. The only tricky part is configuring BSD to use the DHCP address obtained from the DSL modem as its "public" address. I haven't configured it on BSD so I'm not sure if that's possible, but I know I've used systems with 2-level NAT, so it should be.
|
|
|
Back to top
|
|
|
|
|
khrath
Guest
|
|
Posted: 11/06/03 - 10:38 Post subject:
|
|
|
thats what i ended up doing.
the modem has a feature if you go ass out dmz on it, it'll forward a public ip to you via dhcp.
after i had a public ip on one interface it was cake lol
tasb, i always had connectivity from the bsd box, how you think i posted? =D
|
|
|
Back to top
|
|
|
|
|
compusmack
RealPoor Master of Posts
Joined: 15 Oct 2002
Posts: 6354
|
|
Posted: 11/06/03 - 10:42 Post subject:
|
|
|
| sinrakin wrote: | | There's no reason you can't do two levels of NAT. The only tricky part is configuring BSD to use the DHCP address obtained from the DSL modem as its "public" address. I haven't configured it on BSD so I'm not sure if that's possible, but I know I've used systems with 2-level NAT, so it should be. |
I think this would work, unless you can't route the ips given out from the modem. Aren't ips in the 192.168.xxx.xxx range inherently unroutable?
I think this modem is basically a router/firewall without the hub if im not mistaken. Buying a new modem would be my first choice, so you can NAT from your BSD box straight off a WAN ip. If you try and NAT from the modem, you may run into problems with the firewall on the modem (unless it's configurable).
|
|
|
Back to top
|
|
|
|
|
compusmack
RealPoor Master of Posts
Joined: 15 Oct 2002
Posts: 6354
|
|
Posted: 11/06/03 - 10:43 Post subject:
|
|
|
| Khrath wrote: | thats what i ended up doing.
the modem has a feature if you go ass out dmz on it, it'll forward a public ip to you via dhcp.
after i had a public ip on one interface it was cake lol
tasb, i always had connectivity from the bsd box, how you think i posted? =D |
ahh.. yeah that works too. DMZ overrides the firewall.
|
|
|
Back to top
|
|
|
|
|
TASB
Sir Postalot
Joined: 12 Oct 2002
Posts: 1104
Location: The Outback
|
|
Posted: 11/06/03 - 10:45 Post subject:
|
|
|
| Khrath wrote: | | tasb, i always had connectivity from the bsd box, how you think i posted? =D |
Redundant internet connection =)
|
|
|
Back to top
|
|
|
|
|
khrath
Guest
|
|
Posted: 11/06/03 - 10:47 Post subject:
|
|
|
|
XFree86 + Mozilla Firebird
|
|
|
Back to top
|
|
|
|
|
r00typooh
RealPoor Master of Posts
Joined: 11 Oct 2002
Posts: 5178
Location: Miami, FL
|
|
Posted: 11/06/03 - 11:09 Post subject:
|
|
|
|
lol janoth.
|
|
|
Back to top
|
|
|
|
|
|
|
